what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2013-10-03

Mandriva Linux Security Advisory 2013-245
Posted Oct 3, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-245 - Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2013-4359
SHA-256 | e4f9f86ca1ec517a8ee256a4c2d1c6b5b638a8a2f18528122bb728d1c874c6cd
Lynis Auditing Tool 1.3.1
Posted Oct 3, 2013
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release has several generic updates, including adjustments of text and fixes in the detection of binaries, including performance tweaks. Several minor adjustments have been implemented to improve several audit checks.
tags | tool, scanner
systems | unix
SHA-256 | 10532b626e8182605e3ca9215d856a20145f776c30c729387f374dd753230a15
Zenphoto 1.4.5.2 Cross Site Scripting / SQL Injection
Posted Oct 3, 2013
Authored by Sojobo Dev Team

Zenphoto version 1.4.5.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 186e32de10a3e7dda397488f868c181cbea223eeaf97d5fa65c9c8a4de5db329
EMC Atmos Unauthenticated Database Access
Posted Oct 3, 2013
Site emc.com

Atmos nodes prior to version 2.1.4 allow connections to the remote PostgreSQL database server using a default user account with no password. The PostgreSQL database stores system information data used to administer Atmos nodes.

tags | advisory, remote
advisories | CVE-2013-3279
SHA-256 | 5e4ac6a7e0202c43697bfc3df33ee600bccdb3fee8349f53c8ffe61056868469
Citrix Netscaler 10.0 Denial Of Service
Posted Oct 3, 2013
Authored by S. Viehbock | Site sec-consult.com

A vulnerability was found in the nsconfigd daemon (TCP port 3008/SSL and 3010). This daemon can be crashed by sending a specially crafted message. No prior authentication is necessary. A watchdog daemon (pitboss) automatically restarts nsconfigd after the first six crashes and then reboots the appliance. By sending just a few packets the appliance can be kept in a constant reboot loop resulting in total loss of availability. The vulnerabilities have been verified to exist in Citrix NetScaler VPX (Build 70.7.nc), which was the most recent version at the time of discovery.

tags | advisory, tcp, vulnerability
SHA-256 | 58dcdce47632f720bc628f80305effb40ef074b20b017ef9442a1abcc451ee3b
HP Security Bulletin HPSBPI02892
Posted Oct 3, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02892 - Potential security vulnerabilities have been identified with certain HP FutureSmart LaserJet printers. The vulnerabilities might lead to weak encryption of PDF documents or local disclosure of scanned information. Revision 1 of this advisory.

tags | advisory, local, vulnerability
advisories | CVE-2013-4828, CVE-2013-4829
SHA-256 | 6fa5d4c637fa52dc3ecd517150d8ee41c3cd9b916c71349e4ba1429fe5261fdf
Aanval 7.1 Build 70151 SQL Injection / Cross Site Scripting
Posted Oct 3, 2013
Authored by xistence

Aanval version 7.1 build 70151 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 25c6581c50e70623be4df653e794e6218f92804314f2bd7664a2d6b31e5a06b5
WebAssist PowerCMS PHP Cross Site Scripting
Posted Oct 3, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WebAssist PowerCMS PHP suffers from multiple cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
SHA-256 | 6fc868abcb18310896d829df9b0a6d0530380058beae2c964f7c7ac6f21c9eea
Apple Security Advisory 2013-10-03-1
Posted Oct 3, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-10-03-1 - OS X version 10.8.5 Supplemental Update is now available and addresses a logic issue in Directory Service's verification of authentication credentials.

tags | advisory
systems | apple, osx
advisories | CVE-2013-5163
SHA-256 | 4a73c6b3f66419ffc682c15f58284c701a52641d52fe5e8b937b967b4a687bdb
SilverStripe Framework CMS 3.0.5 Cross Site Scripting
Posted Oct 3, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

SilverStripe Framework CMS version 3.0.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 2b771ae8f3a35f7ab9bc5a1fb65e5cce149fb153b8b308c95772c9a55632ada8
Hide Photo+Video Safe 1.6 LFI / XSS
Posted Oct 3, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Hide Photo+Video Safe version 1.6 suffers from local file inclusion and cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | 2adba6964e32ad40cea84bbbc4d4d0e987f5a0d56241a0b542b1ced551b55897
ZeroShell 2.0 RC3 Command Injection / Cross Site Scripting
Posted Oct 3, 2013
Authored by xistence

ZeroShell version 2.0 RC3 suffers from command injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c6b7a171ee0acfbc63038e7082d14a3c678fc1589e9e4db140b10e4c2c32b948
Security Guard CMS QT 4.7.3 Buffer Overflow
Posted Oct 3, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Security Guard CMS QT version 4.7.3 suffers from a local stack buffer overflow vulnerability.

tags | advisory, overflow, local
SHA-256 | e337b29c9abe7f018791eace7e3978986e243436724a2227c3ca3ec164dcbae3
elproLOG MONITOR WebAccess 2.1 XSS / SQL Injection
Posted Oct 3, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

elproLOG MONITOR WebAccess version 2.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d161c80d8b1e4da060ee9651719266cdc777ed36571d5f91f285927707c309e9
WordPress Slimstat Ex Code Execution
Posted Oct 3, 2013
Authored by wantexz

WordPress Slimstat Ex plugin remote PHP arbitrary code execution exploit.

tags | exploit, remote, arbitrary, php, code execution
SHA-256 | 8ed6ec6d5399189b0d500e2817fd117e9e5da303c52a66bce3ba5263df85eb15
Evince PDF Reader 2.32.0.145 / 3.4.0 Denial Of Service
Posted Oct 3, 2013
Authored by Deva

Evince PDF Reader versions 2.32.0.145 (Windows) and 3.4.0 (Linux) suffer from a denial of service vulnerability.

tags | exploit, denial of service
systems | linux, windows
SHA-256 | 991428249cbe929860d2599990338a2127ae1aebe48f41fc531a342c63cdaffe
WordPress SEO Watcher Remote Code Execution
Posted Oct 3, 2013
Authored by wantexz

WordPress SEO Watcher plugin remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | f4717c8b12ddb539492284d5c7dfd2d0f0f2fa6e209a9c9fa7e6515d4d4d7940
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close